Nice package, very useful :bowtie:
But unnecessary files are installed during npm install :
I see that you have an .npmignore file with this inside :
node_modules
.DS_Store
That's pretty useless as those files are ignored by default by NPM
I suggest whitelisting instead of blacklisting files to be installed by adding files to the package.json :
{
"files": [
"lib/",
"decode.js",
"index.js",
"sign.js",
"verify.js"
]
}
Please read documentation : https://docs.npmjs.com/files/package.json#files
Also remove .npmignore file
Some of us are using microservices (AWS Lambda, Azure Function, etc.) and we can benefit having small packages with only production files. Thanks. I maybe PR with that.
PS: And rename bin/changelog to scripts/changelog.js as bin is usually used to distribute bin files
Okay here is the PR https://github.com/auth0/node-jsonwebtoken/pull/245
But unnecessary files are installed during npm install :
I accept your opinion but I am against this kind of optimization in the repositories that I maintain.
The short answer is that I happen to use the things I maintain and this kind of optimization doesn't worth and it makes developers life harder.
Long answer:
These files sum a total of 120k and gzipped is 11k. This is nothing in term of band witch and storage nowadays.
Removing this mean that I can't check the "tests" or the CHANGELOG locally. Instead I have to:
which is very inconvenient when you are developing in node.js.
@jfromaniello This is not an optimisation, this is first of all about semantics :
source code !== distribution
Please have a look at some packages like :
I didn't add CHANGELOG.md in file by purpose as npm adds it by default:
Certain files are always included, regardless of settings:
package.json
README (and its variants)
CHANGELOG (and its variants)
LICENSE / LICENCE
Tests are for contributors (people that are cloning your repo).
The short answer is that I happen to use the things I maintain
All those files will still be in your repo and in your tags/releases..
this kind of optimization doesn't worth and it makes developers life harder.
Think about microservices (AWS Lambda, Azure Functions, etc..). I had to add a "cleanup" script on my CI environment not to deploy tests and extra useless files.. :-/
NPM is a package manager not a SCM
@jfromaniello You can also look at your friend auth0/lock with its .npmignore file
And you can also read http://stackoverflow.com/questions/8617753/exclude-test-code-in-npm-package
Most helpful comment
@jfromaniello You can also look at your friend auth0/lock with its .npmignore file
And you can also read http://stackoverflow.com/questions/8617753/exclude-test-code-in-npm-package